Cimplicity Security Vulnerabilities and Issues — Cimplicity CVE List

Lucene search

GeCimplicity

6 matches found

CVE•added 2022/02/25 7:15 p.m.•142 views

CVE-2022-21798

The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.

9.8CVSS8.7AI score0.00111EPSS

CVE•added 2022/12/08 12:15 a.m.•50 views

CVE-2022-3084

GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code.

7.8CVSS7.8AI score0.00023EPSS

CVE•added 2022/12/08 12:15 a.m.•47 views

CVE-2022-3092

GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code.

7.8CVSS7.9AI score0.00023EPSS

CVE•added 2022/12/07 11:15 p.m.•46 views

CVE-2022-2002

GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.

7.8CVSS7.9AI score0.0002EPSS

CVE•added 2022/12/07 11:15 p.m.•45 views

CVE-2022-2952

GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.

7.8CVSS7.8AI score0.00057EPSS

CVE•added 2022/12/07 11:15 p.m.•42 views

CVE-2022-2948

GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.

7.8CVSS7.9AI score0.00021EPSS